﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using MySql.Data.MySqlClient;
using SAM_Edu.entity;
using System.Windows.Forms;

namespace SAM_Edu.dao
{
    public class daoAccounts
    {
        static string errMsg = "";
     
       static bool verifystatus = false;

      static Accounts accounts;



      public static bool UpdateAccountDetails(string username, string password, string securityQN, string securityAns, string rfidNo)
      {

          MySqlConnection conn = DatabaseConnection.getConnection();
          string Query = "UPDATE Accounts SET password='" + password + "', securityQuestion = '" + securityQN + "' , securityAnswer = '" + securityAns + "' , rfidNum = '" + rfidNo + "' WHERE username = '" + username + "'";
          MySqlCommand cmd = new MySqlCommand(Query, conn);
          conn.Open();
          int result = cmd.ExecuteNonQuery();

          if (result > 0)
          {

              return true;
          }
          else
          {
              return false;
          }
          conn.Close();
      }

       public static Accounts getAccountDetails(string username)
       {

           MySqlConnection conn = DatabaseConnection.getConnection();
           string Query = "Select * FROM accounts WHERE Username='" + username + "'";
          
           MySqlDataReader MyReader2;
           try
           {
               conn.Open();
               MySqlCommand MyCommand2 = new MySqlCommand(Query, conn);
               MyReader2 = MyCommand2.ExecuteReader();
               while (MyReader2.Read())
               {
                   int userid = Convert.ToInt16(MyReader2["userid"]);
                   string password = MyReader2["password"].ToString();
                   string securityQuestion = MyReader2["securityQuestion"].ToString();
                   string securityAnswer = MyReader2["securityAnswer"].ToString();
                   string rfidno = MyReader2["rfidNum"].ToString();
                   accounts = new Accounts(username, password, securityQuestion, securityAnswer, rfidno, userid);
               }
           }
           catch (Exception ex)
           {
               errMsg = ex.ToString();
           }
           finally
           {
               conn.Close();
           }
          
           return accounts;
       }



       public static KeyValuePair<bool, int> VerifyLogonDetails(string username, string password)
        {
            int uid=0;
            MySqlConnection conn = DatabaseConnection.getConnection();
            string Query = "Select * FROM accounts WHERE Username='" + username + "' AND Password='" + password + "'";
           
            MySqlDataReader MyReader2;

            try
            {
                conn.Open();
                MySqlCommand MyCommand2 = new MySqlCommand(Query, conn);
                MyReader2 = MyCommand2.ExecuteReader();
                while (MyReader2.Read())
                {
                    uid = Convert.ToInt16(MyReader2["userid"]);
                    verifystatus = true;
                    break;
                }
            }
            catch (Exception ex)
            {
                errMsg = ex.ToString();
            }
            finally
            {
                conn.Close();
            }
            return new KeyValuePair<bool, int>(verifystatus,uid);
        }


       
        public static bool CreateAccount(Accounts acc)
        {

            MySqlConnection conn = DatabaseConnection.getConnection();

            string Query = "insert into Accounts(username,password,securityQuestion,securityAnswer,rfidNum , userid) values('" + acc.Username + "','" + acc.Password + "','" + acc.SecurityQuestion + "','" + acc.SecurityQuestion + "','" + acc.RfidNum + "','" + acc.UserID + "');";
               
                conn.Open();
             MySqlCommand cmd = new MySqlCommand(Query, conn);
                int result = cmd.ExecuteNonQuery();
               

                if (result > 0)
                {
                  
                    return true;
                }
                else
                {
                   return false;
                }
                conn.Close();
            }
           
        } 
    }

